That accusation was leveled by Michael Hayden, who led the CIA from 2006 to 2009, in an interview published Friday by Australia's Financial Review.

"At a minimum, Huawei would have shared with the Chinese state intimate and extensive knowledge of the foreign telecommunications systems it is involved with," said Hayden, a retired four-star Air Force general who also served as director of the National Security Agency (NSA) from 1999 to 2005. He's now a visiting professor at George Mason University's school of public policy, a principal at security consultancy Chertoff Group, and a director of Motorola Solutions.

Hayden refused to comment on specific "instances of espionage or any operational matters," for example, pertaining to whether the U.S. government had discovered Huawei actively eavesdropping on equipment or networks it had installed. But in his professional opinion, Huawei is engaged in espionage on behalf of the Chinese state. "Frankly, given the overarching national security risks a foreign company helping build your national telecommunications networks creates, the burden of proof is not on us. It is on Huawei," he said. "In fact, I don't think Huawei has ever really tried hard to meet this burden of proof test."

One of the top concerns related to China's largest telecommunications equipment manufacturer spying on behalf of the Chinese state is that the country's intelligence services don't limit themselves to targeting "state secrets" or political espionage. "They have a much broader definition of legitimate espionage to include intellectual property, commercial trade secrets and the negotiating positions of private entities," Hayden said. "In other words, they don't limit themselves in the way we do in the English-speaking community."

Accordingly, the former NSA director saluted the House of Representatives Permanent Select Committee on Intelligence report on Huawei and ZTE, released in October 2012, which found that "these guys are not even transparent to themselves," he said. "There's no transparency around who appoints the board of directors or controls the ownership of the business. And there's no independent Chinese government oversight committee that could give us continuing confidence that Huawei or ZTE would not do what they promised not to do."

The House report led to a ban on U.S. government agencies buying equipment from Huawei or ZTE without prior approval from the FBI. The report's findings also influenced U.S. businesses. According to a study conducted by InformationWeek earlier this year, 37% of surveyed businesses said the findings were major cause for concern, while 34% said the results represented a deal-breaker.

But what of U.S. espionage? Asked about the need for Prism and other NSA surveillance programs, and how they differed from Chinese espionage operations, the former NSA director first offered unabashed support for the former. "I fully admit: we steal other country's secrets. And frankly we're quite good at it," he said. "But the reason we steal these secrets is to keep our citizens free, and to keep them safe. We don't steal secrets to make our citizens rich. Yet this is exactly what the Chinese do."

The answer arrived Thursday, thanks to Microsoft SharePoint. "This leaker was a system administrator who was trusted with moving information to actually make sure the right information was on the SharePoint servers that NSA Hawaii needed," said NSA director Keith Alexander Thursday in a media briefing at the Aspen Security Forum in Colorado. Obviously, even spies need to store their secrets somewhere.

"Frankly, given the overarching national security risks a foreign company helping build your national telecommunications networks creates, the burden of proof is not on us. It is on Huawei," he said. "In fact, I don't think Huawei has ever really tried hard to meet this burden of proof test."

EXCUSE ME...

But, did Cisco or any major US Network equipment companies show the burden of proof to any of the other countries it sold to to help building their telecommunication networks?

For a retired government worker, whom is desperate to earn a few chips for his lavish living, can his words be trusted??

Huawei is probably spying for the Chinese intelligence services like Microsoft is spying for the U.S. intelligence services of the NSA. If private companies are going to be entwined with the government, rather than strictly free enterprise where private is private and public is public. We used to complain that the Chinese system had block informers as well as other types in an organized system to determine people's loyalty. Guess who does that now and monitors every phone call, email, and snail mail? It seems like a paranoid world now because we live in a militaristic country that is turning no free. They could have left that behind and just lived life for everybody but they chose this violence path, so what would one expect?

SharePoint is probably one of the worst solutions to protect data because it is designed for the user who does not have any knowledge of computers. It is supposed to be an Internet portal, not a secure document repository, although it does have those capabilities. A program like Documentum would probably work better if it is transmitted using SSL and encrypted.

"I fully admit: we steal other country's secrets. And frankly we're quite good at it. But the reason we steal these secrets is to keep our citizens free, and to keep them safe. We don't steal secrets to make our citizens rich. Yet this is exactly what the Chinese do."LOL. And making citizens rich is bad why? :)

Published: 2015-03-31The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.